Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

unable to find version v1 #1

Open
sachin-traice opened this issue Mar 10, 2023 · 4 comments
Open

unable to find version v1 #1

sachin-traice opened this issue Mar 10, 2023 · 4 comments

Comments

@sachin-traice
Copy link

sachin-traice commented Mar 10, 2023
edited
Loading

Showing an

Error: Unable to resolve action shundor/bandit-action@v1, unable to find version v1

after running

 `jobs:
  scan:
    name: Bandit Check
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v3

      - name: Bandit Scanning
        uses: shundor/bandit-action@v1`
@angrymeir
Copy link

@sachin-traice the correct name is: shundor/python-bandit-scan@v1.0

@sumanth-lingappa
Copy link

@angrymeir, how can I check if my code has issues?

@reactive-firewall
Copy link

obligatory disclaimer: I'm not associated with this project.

Clarification on the cause and workaround (fix) for this:

  • cause: This repository is named python-bandit-scan not bandit-action the initial release of this repository has no "v1" rather it only has "v1.0"
  • workaround (as previously mentioned by @sachin-traice) the dot (.) zero (0) is required.
  • This gives us the result: shundor/python-bandit-scan@v1.0 for this repository (OR perhaps you want the repository python-bandit-scan is based on called bandit-action, in which case you actually want bandit-action by Melih Değiş and that would require mdegis/bandit-action@v1.0 as documented on bandit-action)

@sachin-traice the corrected workflow for this repository would be:

jobs:
  scan:
    name: Bandit Check
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v3  # Caution this version is out of date

      - name: Bandit Scanning
        uses: shundor/python-bandit-scan@v1.0

OR for bandit-action (as documented) would instead be:

uses: mdegis/bandit-action@v1.0
with:
  GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
  path: "."
  level: high
  confidence: high
  exit_zero: true

Hope this helps.

Please note I will not be following this discussion further and can not be expected to respond. Sorry.

@shundor feel free to keep or remove this comment. It's your project after all.

@huyz
Copy link

huyz commented Oct 14, 2024

OR perhaps you want the repository python-bandit-scan is based on called bandit-action, in which case you actually want bandit-action by Melih Değiş and that would require mdegis/bandit-action@v1.0 as documented on bandit-action)

Probably best to use that repo, as this one no longer works anyway

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@huyz @angrymeir @reactive-firewall @sumanth-lingappa @sachin-traice